IT Security Engineer

£40k to £45k
30 Sep 2017
03 Nov 2017
Contract Type
Full Time
We are seeking to recruit an experienced IT Security Engineer who will help establish and maintain a culture of information and technology security through a structured programme of work and an IT security framework that will protect Sofology's systems, services, data and critical assets.

The role will primarily focus on application security, network security, vulnerability management, incident response and identity management while ensuring the organisation adheres to regulations and industry best practices.


Contribute to solution design discussions so that security is baked in from the start of technology projects.
Work with the business to implement adequate controls and data retention strategies.
Identify enhancements to IT tools, standards, and processes to reduce\remove security vulnerabilities.
Develop Patch management solution and process.
Penetration Testing and Vulnerability Assessment.
Proactive horizon scanning for threats as they emerge and the defence of those threats.
Data confidentiality, integrity, and availability.
Work with the IT teams to establish data and system restoration protocols.
Educate development teams on security best practices.
Standard security measures, advanced/intelligent security measures, access control, encryption and data loss prevention.


Be able to clearly articulate security concerns to the wider business and technology teams.
Knowledge and use of Fortinet and Sonicwall firewalls.
Knowledge and use of Meraki wifi and mobile device management.
Web Proxy implementations
Windows and Linux OS Security Auditing
Log filtering, aggregation and analysis.
Deep understanding of security vulnerabilities in software (both native and web)
Experience with next generation anti-virus software, intrusion detection, firewalls and content filtering.
Deep understanding of PCI-DSS
Understanding of GDPR
Knowledge of application security vulnerabilities (OWASP TOP10),
Implementation and enforcement of Best Practices for Network and Server Security.
Experience with data encryption
This job was originally posted as